Year Archives: 2010

ntop

ntop ASA Support

ntop has supported NetFlow for many years, including the latest v9/IPFIX versions. In 2005 Cisco released a new line of x86-based security devices named ASA that unfortunately have not been supported by ntop/nProbe for a long time. As of today (June 15th 2010, SVN revision 4299) ntop/nProbe finally supports ASA. Please note that as ASA units do not export templates very often, ntop might need some time to start decoding flows (that is, until the template is received). Furthermore as the nature of ASA flows (e.g. notify when a new …
nProbe

Port Mirror vs Network Tap

In order to analyze network traffic, it's necessary to feed ntop/nProbe with network packets. There are two solutions to the problem: port mirror (also called SPAN in Cisco parlance) and network tap. Before explaining the differences between these two solutions, it's important to understand how Ethernet works. At 100 Mbit and above, hosts usually speak in full duplex, meaning that a host can both send and receive simultaneously. This means that on a 100 Mbit cable connected to a host, the total amount of traffic that a host can send/receive is …